592 matches found
Malicious code in @coterie-baby/common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb0f46407e3ad7d060630b7aec9ce77a68f41c3a9fd3678941d6d43ca78b68a6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5654 Malicious code in @coterie-baby/common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb0f46407e3ad7d060630b7aec9ce77a68f41c3a9fd3678941d6d43ca78b68a6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2026-33361
In Meari IoT SDK image handling libmrplayer.so as observed in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label apps = 1.8.x, baby monitor ".jpgx3" files use reversible XOR over only the first 1024 bytes with a predictable key derivation model...
Meari IoT SDK 加密问题漏洞
Meari IoT SDK is a software development kit provided by Meari Corporation, aimed at developing applications for smart devices. There are encryption-related vulnerabilities in the Meari IoT SDK. These vulnerabilities stem from the use of a predictable key derivation method to perform reversible XO...
charms-sdk (>=0.3.0 <=0.6.3), kzg-rs (>=0.2.3-sp1-4.0.0 <=0.2.5) +77 more potentially affected by unknown CVE via p3-symmetric (>=0.1.0 <=0.4.3)
p3-symmetric CARGO version =0.1.0, =0.3.0, =0.2.3-sp1-4.0.0, =0.20.0, =0.11.0, =5.2.2, =5.2.5, =5.2.2, =0.1.0, =0.4.0, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.4.3-succinct and more Source cves: unknown CVE Source advisory: OSV:GHSA-3G92-F9CH-QJCM...
CVE-2026-28062
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Happy Baby happy-baby allows PHP Local File Inclusion.This issue affects Happy Baby: from n/a through = 1.2.12...
EUVD-2026-9722
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Happy Baby happy-baby allows PHP Local File Inclusion.This issue affects Happy Baby: from n/a through = 1.2.12...
CVE-2026-28062
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Happy Baby happy-baby allows PHP Local File Inclusion.This issue affects Happy Baby: from n/a through = 1.2.12...
CVE-2026-28062 WordPress Happy Baby theme <= 1.2.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Happy Baby happy-baby allows PHP Local File Inclusion.This issue affects Happy Baby: from n/a through = 1.2.12...
CVE-2026-28062
CVE-2026-28062 affects the WordPress theme ThemeREX Happy Baby (happy-baby) up to version 1.2.12. It is an Unauthenticated Local File Inclusion vulnerability caused by improper control of filename for include/require statements in PHP. Consequences described in sources indicate possible exposure ...
CVE-2026-28062 WordPress Happy Baby theme <= 1.2.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Happy Baby happy-baby allows PHP Local File Inclusion.This issue affects Happy Baby: from n/a through = 1.2.12...
WordPress plugin Happy Baby 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-23342
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Happy Baby happy-baby allows PHP Local File Inclusion.This issue affects Happy Baby: from n/a through = 1.2.12...
WordPress Happy Baby theme <= 1.2.12 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Happy Baby versions = 1.2.12...
CVE-2025-12932
A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed...
CVE-2025-12933
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and...
CVE-2025-12933
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
EUVD-2025-44028
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933
CVE-2025-12933 : A SQL injection vulnerability exists in SourceCodester Baby Care System 1.0 due to manipulation of the roleid parameter in /updatewelcome.php?id=siteoptions&action=welcome. The vulnerability can be exploited remotely and a public exploit is available. The connected documents cons...